Cumulative patch from commit 8c43ef8449bd4d2d0983db394770bd73f572b12d
8c43ef8 P2PS: Fix attribute addition in p2p_buf_add_service_instance()
a9ea609 P2PS: Fix p2p_find last parameter handling
6c73149 AP: Increase maximum value accepted for cwmin/cwmax
575e4f5 SAE: Reject FFC commit-element with value p-1
a406244 P2PS: Do not reply to ProbeReq on another channel when starting Listen
0c2b3f6 SAE: Reject commit-scalar value 1
4f39908 Send CTRL-EVENT-NETWORK-NOT-FOUND if no suitable network was found
123df27 D-Bus: Fix typos in debug print
ded14ce Android: Fix nl80211 build if BOARD_*_PRIVATE_LIB is unspecified
a140721 Android: Rename ANDROID_P2P_STUB to ANDROID_LIB_STUB
2ba4de3 D-Bus: Add documentation for wpas_dbus_signal_peer_groups_changed()
e48b5e2 D-Bus: Fix typo in dbus signal function documentation
09d5048 D-Bus: Add function documentation for wpas_dbus_unregister_interface()
adfbbd2 D-Bus: Add function documentation for wpas_dbus_register_interface()
c5967f0 D-Bus: Fix wpas_dbus_signal_p2p_invitation_result() documentation
4457f41 radius: Fix NULL dereference issue on allocation failure
f826fb1 OpenSSL: Handle EC_POINT_is_on_curve() error case
bbb5008 SAE: Use random "password" in extra hunting-and-pecking loops
eb5fee0 SAE: Add side-channel protection to PWE derivation with ECC
16841ab crypto: Add functions for computing the Legendre symbol and EC y^2
c4a13b4 OpenSSL: Add support for Brainpool Elliptic Curves
4584b66 SAE: Increase security parameter k to 40 based on Dragonfly recommendation
fdd731b SAE: Fix PWE generation to use minimum loop count (k) properly
8ec3332 SAE: Merge sae_derive_commit() error case return statements
d93abd4 SAE: Merge sae_get_rand() error case return statements
6a58444 SAE: Verify that own/peer commit-scalar and COMMIT-ELEMENT are different
4e7e688 Add crypto_ec_point_cmp()
8e2a3a4 dbus: Do not initialize variable twice
c1a14ef Do not check unsigned size is less than zero
fdc5608 OpenSSL: Remove SSL_CTX_{get,set}_app_data() compatibility wrapper
ba54933 libtommath: Fix mp_init_multi() stdarg use on error path
f6332b0 wpa_gui: Initialize WpaGuiApp::w in the constructor
f6df3f3 Use os_* wrapper more consistently
91b7a5e Use unsigned/signed printf format more consistently
59bae74 HS 2.0R2: Fix memory leak on error path in hs20-osu-client
c5ca73d P2P: Use offsetof() instead of local implementation
c3c5b5f ERP server: Make erp_send_finish_reauth() easier for static analyzers
6ce1bea bsd: Remove redundant NULL check in bsd_init()
c99df20 Remove redundant NULL check in ieee802_1x_encapsulate_radius()
2eb5967 AP: Add more 2.4 GHz channels for 20/40 MHz HT co-ex scan
5ed6519 hw_features: Merge similar return cases
4e37dd6 SAE: Simplify sae_prepare_commit() error path
04e6c4c Fix SAE group selection in an error case
3dce85c HS 2.0: Add WLAN RADIUS attributes in OSEN case
efd5d26 Remove unnecessary wpa_ie_len check from wpa_parse_wpa_ie_wpa()
ce8963f Remove WEP40/WEP104 cipher suite support for WPA/WPA2
ee140ef FT: Stop association attempt if Auth response processing fails (SME)
1887be4 Make check_20mhz_bss() static
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Bug: 22062116
Change-Id: Ie1d175f1faab24bf39ce81ead7a078e1e236badd
diff --git a/hostapd/Android.mk b/hostapd/Android.mk
index 49f43f1..52d4cfe 100644
--- a/hostapd/Android.mk
+++ b/hostapd/Android.mk
@@ -29,8 +29,9 @@
# Set Android extended P2P functionality
L_CFLAGS += -DANDROID_P2P
+
ifeq ($(BOARD_HOSTAPD_PRIVATE_LIB),)
-L_CFLAGS += -DANDROID_P2P_STUB
+L_CFLAGS += -DANDROID_LIB_STUB
endif
# Use Android specific directory for control interface sockets
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index d7d5a12..49f8320 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -899,7 +899,9 @@
static int valid_cw(int cw)
{
return (cw == 1 || cw == 3 || cw == 7 || cw == 15 || cw == 31 ||
- cw == 63 || cw == 127 || cw == 255 || cw == 511 || cw == 1023);
+ cw == 63 || cw == 127 || cw == 255 || cw == 511 || cw == 1023 ||
+ cw == 2047 || cw == 4095 || cw == 8191 || cw == 16383 ||
+ cw == 32767);
}
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index 39e9792..00fc142 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -280,8 +280,9 @@
# (data0 is the highest priority queue)
# parameters:
# aifs: AIFS (default 2)
-# cwmin: cwMin (1, 3, 7, 15, 31, 63, 127, 255, 511, 1023)
-# cwmax: cwMax (1, 3, 7, 15, 31, 63, 127, 255, 511, 1023); cwMax >= cwMin
+# cwmin: cwMin (1, 3, 7, 15, 31, 63, 127, 255, 511, 1023, 2047, 4095, 8191,
+# 16383, 32767)
+# cwmax: cwMax (same values as cwMin, cwMax >= cwMin)
# burst: maximum length (in milliseconds with precision of up to 0.1 ms) for
# bursting
#
@@ -342,8 +343,9 @@
# note - txop_limit is in units of 32microseconds
# note - acm is admission control mandatory flag. 0 = admission control not
# required, 1 = mandatory
-# note - here cwMin and cmMax are in exponent form. the actual cw value used
-# will be (2^n)-1 where n is the value given here
+# note - Here cwMin and cmMax are in exponent form. The actual cw value used
+# will be (2^n)-1 where n is the value given here. The allowed range for these
+# wmm_ac_??_{cwmin,cwmax} is 0..15 with cwmax >= cwmin.
#
wmm_enabled=1
#
diff --git a/hs20/client/osu_client.c b/hs20/client/osu_client.c
index 478d940..0315f7b 100644
--- a/hs20/client/osu_client.c
+++ b/hs20/client/osu_client.c
@@ -542,6 +542,7 @@
uri);
write_result(ctx, "Unsupported location for addMO to "
"add PPS MO (extra directory): '%s'", uri);
+ free(fqdn);
return -1;
}
*pos = '\0'; /* remove trailing slash and PPS node name */
diff --git a/src/ap/hw_features.c b/src/ap/hw_features.c
index 7c08e52..28324a8 100644
--- a/src/ap/hw_features.c
+++ b/src/ap/hw_features.c
@@ -347,8 +347,13 @@
sec_freq = pri_freq + 20;
else
sec_freq = pri_freq - 20;
- affected_start = (pri_freq + sec_freq) / 2 - 25;
- affected_end = (pri_freq + sec_freq) / 2 + 25;
+ /*
+ * Note: Need to find the PRI channel also in cases where the affected
+ * channel is the SEC channel of a 40 MHz BSS, so need to include the
+ * scanning coverage here to be 40 MHz from the center frequency.
+ */
+ affected_start = (pri_freq + sec_freq) / 2 - 40;
+ affected_end = (pri_freq + sec_freq) / 2 + 40;
wpa_printf(MSG_DEBUG, "40 MHz affected channel range: [%d,%d] MHz",
affected_start, affected_end);
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 8d2a066..db20c86 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -769,6 +769,12 @@
((const u8 *) mgmt) + len -
mgmt->u.auth.variable, &token,
&token_len, hapd->conf->sae_groups);
+ if (resp == SAE_SILENTLY_DISCARD) {
+ wpa_printf(MSG_DEBUG,
+ "SAE: Drop commit message from " MACSTR " due to reflection attack",
+ MAC2STR(sta->addr));
+ return;
+ }
if (token && check_sae_token(hapd, sta->addr, token, token_len)
< 0) {
wpa_printf(MSG_DEBUG, "SAE: Drop commit message with "
diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
index ef26834..d45b98f 100644
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -346,7 +346,8 @@
return -1;
}
- suite = wpa_cipher_to_suite((hapd->conf->wpa & 0x2) ?
+ suite = wpa_cipher_to_suite(((hapd->conf->wpa & 0x2) ||
+ hapd->conf->osen) ?
WPA_PROTO_RSN : WPA_PROTO_WPA,
hapd->conf->wpa_group);
if (!hostapd_config_get_radius_attr(req_attr,
@@ -453,7 +454,7 @@
}
#endif /* CONFIG_IEEE80211R */
- if (hapd->conf->wpa && sta->wpa_sm &&
+ if ((hapd->conf->wpa || hapd->conf->osen) && sta->wpa_sm &&
add_common_radius_sta_attr_rsn(hapd, req_attr, sta, msg) < 0)
return -1;
@@ -599,7 +600,7 @@
goto fail;
}
- if (eap && !radius_msg_add_eap(msg, eap, len)) {
+ if (!radius_msg_add_eap(msg, eap, len)) {
wpa_printf(MSG_INFO, "Could not add EAP-Message");
goto fail;
}
diff --git a/src/common/hw_features_common.c b/src/common/hw_features_common.c
index e61f824..e589a1a 100644
--- a/src/common/hw_features_common.c
+++ b/src/common/hw_features_common.c
@@ -176,10 +176,8 @@
size_t i;
int match;
- if (!mode || !scan_res || !pri_chan || !sec_chan)
- return 0;
-
- if (pri_chan == sec_chan)
+ if (!mode || !scan_res || !pri_chan || !sec_chan ||
+ pri_chan == sec_chan)
return 0;
pri_freq = hw_get_freq(mode, pri_chan);
@@ -237,7 +235,8 @@
}
-int check_20mhz_bss(struct wpa_scan_res *bss, int pri_freq, int start, int end)
+static int check_20mhz_bss(struct wpa_scan_res *bss, int pri_freq, int start,
+ int end)
{
struct ieee802_11_elems elems;
struct ieee80211_ht_operation *oper;
@@ -372,11 +371,10 @@
if (data->vht_enabled) switch (vht_oper_chwidth) {
case VHT_CHANWIDTH_USE_HT:
- if (center_segment1)
- return -1;
- if (center_segment0 != 0 &&
- 5000 + center_segment0 * 5 != data->center_freq1 &&
- 2407 + center_segment0 * 5 != data->center_freq1)
+ if (center_segment1 ||
+ (center_segment0 != 0 &&
+ 5000 + center_segment0 * 5 != data->center_freq1 &&
+ 2407 + center_segment0 * 5 != data->center_freq1))
return -1;
break;
case VHT_CHANWIDTH_80P80MHZ:
@@ -392,11 +390,9 @@
/* fall through */
case VHT_CHANWIDTH_80MHZ:
data->bandwidth = 80;
- if (vht_oper_chwidth == 1 && center_segment1)
- return -1;
- if (vht_oper_chwidth == 3 && !center_segment1)
- return -1;
- if (!sec_channel_offset)
+ if ((vht_oper_chwidth == 1 && center_segment1) ||
+ (vht_oper_chwidth == 3 && !center_segment1) ||
+ !sec_channel_offset)
return -1;
if (!center_segment0) {
if (channel <= 48)
diff --git a/src/common/hw_features_common.h b/src/common/hw_features_common.h
index 7f43d00..7360b4e 100644
--- a/src/common/hw_features_common.h
+++ b/src/common/hw_features_common.h
@@ -26,7 +26,6 @@
int check_40mhz_5g(struct hostapd_hw_modes *mode,
struct wpa_scan_results *scan_res, int pri_chan,
int sec_chan);
-int check_20mhz_bss(struct wpa_scan_res *bss, int pri_freq, int start, int end);
int check_40mhz_2g4(struct hostapd_hw_modes *mode,
struct wpa_scan_results *scan_res, int pri_chan,
int sec_chan);
diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c
index 82dd707..5385faf 100644
--- a/src/common/ieee802_11_common.c
+++ b/src/common/ieee802_11_common.c
@@ -504,14 +504,14 @@
ac->aifs = v;
} else if (os_strcmp(pos, "cwmin") == 0) {
v = atoi(val);
- if (v < 0 || v > 12) {
+ if (v < 0 || v > 15) {
wpa_printf(MSG_ERROR, "Invalid cwMin value %d", v);
return -1;
}
ac->cwmin = v;
} else if (os_strcmp(pos, "cwmax") == 0) {
v = atoi(val);
- if (v < 0 || v > 12) {
+ if (v < 0 || v > 15) {
wpa_printf(MSG_ERROR, "Invalid cwMax value %d", v);
return -1;
}
diff --git a/src/common/sae.c b/src/common/sae.c
index 5888958..503fa1d 100644
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -1,6 +1,6 @@
/*
* Simultaneous authentication of equals
- * Copyright (c) 2012-2013, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2012-2015, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
@@ -124,9 +124,7 @@
return NULL;
for (;;) {
- if (iter++ > 100)
- return NULL;
- if (random_get_bytes(val, order_len) < 0)
+ if (iter++ > 100 || random_get_bytes(val, order_len) < 0)
return NULL;
if (order_len_bits % 8)
buf_shift_right(val, order_len, 8 - order_len_bits % 8);
@@ -171,17 +169,107 @@
}
-static int sae_test_pwd_seed_ecc(struct sae_data *sae, const u8 *pwd_seed,
- struct crypto_ec_point *pwe)
+static struct crypto_bignum *
+get_rand_1_to_p_1(const u8 *prime, size_t prime_len, size_t prime_bits,
+ int *r_odd)
{
- u8 pwd_value[SAE_MAX_ECC_PRIME_LEN], prime[SAE_MAX_ECC_PRIME_LEN];
- struct crypto_bignum *x;
- int y_bit;
+ for (;;) {
+ struct crypto_bignum *r;
+ u8 tmp[SAE_MAX_ECC_PRIME_LEN];
+
+ if (random_get_bytes(tmp, prime_len) < 0)
+ break;
+ if (prime_bits % 8)
+ buf_shift_right(tmp, prime_len, 8 - prime_bits % 8);
+ if (os_memcmp(tmp, prime, prime_len) >= 0)
+ continue;
+ r = crypto_bignum_init_set(tmp, prime_len);
+ if (!r)
+ break;
+ if (crypto_bignum_is_zero(r)) {
+ crypto_bignum_deinit(r, 0);
+ continue;
+ }
+
+ *r_odd = tmp[prime_len - 1] & 0x01;
+ return r;
+ }
+
+ return NULL;
+}
+
+
+static int is_quadratic_residue_blind(struct sae_data *sae,
+ const u8 *prime, size_t bits,
+ const struct crypto_bignum *qr,
+ const struct crypto_bignum *qnr,
+ const struct crypto_bignum *y_sqr)
+{
+ struct crypto_bignum *r, *num;
+ int r_odd, check, res = -1;
+
+ /*
+ * Use the blinding technique to mask y_sqr while determining
+ * whether it is a quadratic residue modulo p to avoid leaking
+ * timing information while determining the Legendre symbol.
+ *
+ * v = y_sqr
+ * r = a random number between 1 and p-1, inclusive
+ * num = (v * r * r) modulo p
+ */
+ r = get_rand_1_to_p_1(prime, sae->tmp->prime_len, bits, &r_odd);
+ if (!r)
+ return -1;
+
+ num = crypto_bignum_init();
+ if (!num ||
+ crypto_bignum_mulmod(y_sqr, r, sae->tmp->prime, num) < 0 ||
+ crypto_bignum_mulmod(num, r, sae->tmp->prime, num) < 0)
+ goto fail;
+
+ if (r_odd) {
+ /*
+ * num = (num * qr) module p
+ * LGR(num, p) = 1 ==> quadratic residue
+ */
+ if (crypto_bignum_mulmod(num, qr, sae->tmp->prime, num) < 0)
+ goto fail;
+ check = 1;
+ } else {
+ /*
+ * num = (num * qnr) module p
+ * LGR(num, p) = -1 ==> quadratic residue
+ */
+ if (crypto_bignum_mulmod(num, qnr, sae->tmp->prime, num) < 0)
+ goto fail;
+ check = -1;
+ }
+
+ res = crypto_bignum_legendre(num, sae->tmp->prime);
+ if (res == -2) {
+ res = -1;
+ goto fail;
+ }
+ res = res == check;
+fail:
+ crypto_bignum_deinit(num, 1);
+ crypto_bignum_deinit(r, 1);
+ return res;
+}
+
+
+static int sae_test_pwd_seed_ecc(struct sae_data *sae, const u8 *pwd_seed,
+ const u8 *prime,
+ const struct crypto_bignum *qr,
+ const struct crypto_bignum *qnr,
+ struct crypto_bignum **ret_x_cand)
+{
+ u8 pwd_value[SAE_MAX_ECC_PRIME_LEN];
+ struct crypto_bignum *y_sqr, *x_cand;
+ int res;
size_t bits;
- if (crypto_bignum_to_bin(sae->tmp->prime, prime, sizeof(prime),
- sae->tmp->prime_len) < 0)
- return -1;
+ *ret_x_cand = NULL;
wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-seed", pwd_seed, SHA256_MAC_LEN);
@@ -197,20 +285,23 @@
if (os_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0)
return 0;
- y_bit = pwd_seed[SHA256_MAC_LEN - 1] & 0x01;
-
- x = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len);
- if (x == NULL)
+ x_cand = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len);
+ if (!x_cand)
return -1;
- if (crypto_ec_point_solve_y_coord(sae->tmp->ec, pwe, x, y_bit) < 0) {
- crypto_bignum_deinit(x, 0);
- wpa_printf(MSG_DEBUG, "SAE: No solution found");
- return 0;
+ y_sqr = crypto_ec_point_compute_y_sqr(sae->tmp->ec, x_cand);
+ if (!y_sqr) {
+ crypto_bignum_deinit(x_cand, 1);
+ return -1;
}
- crypto_bignum_deinit(x, 0);
- wpa_printf(MSG_DEBUG, "SAE: PWE found");
+ res = is_quadratic_residue_blind(sae, prime, bits, qr, qnr, y_sqr);
+ crypto_bignum_deinit(y_sqr, 1);
+ if (res <= 0) {
+ crypto_bignum_deinit(x_cand, 1);
+ return res;
+ }
+ *ret_x_cand = x_cand;
return 1;
}
@@ -288,24 +379,77 @@
}
+static int get_random_qr_qnr(const u8 *prime, size_t prime_len,
+ const struct crypto_bignum *prime_bn,
+ size_t prime_bits, struct crypto_bignum **qr,
+ struct crypto_bignum **qnr)
+{
+ *qr = NULL;
+ *qnr = NULL;
+
+ while (!(*qr) || !(*qnr)) {
+ u8 tmp[SAE_MAX_ECC_PRIME_LEN];
+ struct crypto_bignum *q;
+ int res;
+
+ if (random_get_bytes(tmp, prime_len) < 0)
+ break;
+ if (prime_bits % 8)
+ buf_shift_right(tmp, prime_len, 8 - prime_bits % 8);
+ if (os_memcmp(tmp, prime, prime_len) >= 0)
+ continue;
+ q = crypto_bignum_init_set(tmp, prime_len);
+ if (!q)
+ break;
+ res = crypto_bignum_legendre(q, prime_bn);
+
+ if (res == 1 && !(*qr))
+ *qr = q;
+ else if (res == -1 && !(*qnr))
+ *qnr = q;
+ else
+ crypto_bignum_deinit(q, 0);
+ }
+
+ return (*qr && *qnr) ? 0 : -1;
+}
+
+
static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1,
const u8 *addr2, const u8 *password,
size_t password_len)
{
- u8 counter, k = 4;
+ u8 counter, k = 40;
u8 addrs[2 * ETH_ALEN];
const u8 *addr[2];
size_t len[2];
- int found = 0;
- struct crypto_ec_point *pwe_tmp;
+ u8 dummy_password[32];
+ size_t dummy_password_len;
+ int pwd_seed_odd = 0;
+ u8 prime[SAE_MAX_ECC_PRIME_LEN];
+ size_t prime_len;
+ struct crypto_bignum *x = NULL, *qr, *qnr;
+ size_t bits;
+ int res;
- if (sae->tmp->pwe_ecc == NULL) {
- sae->tmp->pwe_ecc = crypto_ec_point_init(sae->tmp->ec);
- if (sae->tmp->pwe_ecc == NULL)
- return -1;
- }
- pwe_tmp = crypto_ec_point_init(sae->tmp->ec);
- if (pwe_tmp == NULL)
+ dummy_password_len = password_len;
+ if (dummy_password_len > sizeof(dummy_password))
+ dummy_password_len = sizeof(dummy_password);
+ if (random_get_bytes(dummy_password, dummy_password_len) < 0)
+ return -1;
+
+ prime_len = sae->tmp->prime_len;
+ if (crypto_bignum_to_bin(sae->tmp->prime, prime, sizeof(prime),
+ prime_len) < 0)
+ return -1;
+ bits = crypto_ec_prime_len_bits(sae->tmp->ec);
+
+ /*
+ * Create a random quadratic residue (qr) and quadratic non-residue
+ * (qnr) modulo p for blinding purposes during the loop.
+ */
+ if (get_random_qr_qnr(prime, prime_len, sae->tmp->prime, bits,
+ &qr, &qnr) < 0)
return -1;
wpa_hexdump_ascii_key(MSG_DEBUG, "SAE: password",
@@ -313,8 +457,9 @@
/*
* H(salt, ikm) = HMAC-SHA256(salt, ikm)
+ * base = password
* pwd-seed = H(MAX(STA-A-MAC, STA-B-MAC) || MIN(STA-A-MAC, STA-B-MAC),
- * password || counter)
+ * base || counter)
*/
sae_pwd_seed_key(addr1, addr2, addrs);
@@ -328,9 +473,9 @@
* attacks that attempt to determine the number of iterations required
* in the loop.
*/
- for (counter = 1; counter < k || !found; counter++) {
+ for (counter = 1; counter <= k || !x; counter++) {
u8 pwd_seed[SHA256_MAC_LEN];
- int res;
+ struct crypto_bignum *x_cand;
if (counter > 200) {
/* This should not happen in practice */
@@ -342,25 +487,58 @@
if (hmac_sha256_vector(addrs, sizeof(addrs), 2, addr, len,
pwd_seed) < 0)
break;
+
res = sae_test_pwd_seed_ecc(sae, pwd_seed,
- found ? pwe_tmp :
- sae->tmp->pwe_ecc);
+ prime, qr, qnr, &x_cand);
if (res < 0)
- break;
- if (res == 0)
- continue;
- if (found) {
- wpa_printf(MSG_DEBUG, "SAE: Ignore this PWE (one was "
- "already selected)");
- } else {
- wpa_printf(MSG_DEBUG, "SAE: Use this PWE");
- found = 1;
+ goto fail;
+ if (res > 0 && !x) {
+ wpa_printf(MSG_DEBUG,
+ "SAE: Selected pwd-seed with counter %u",
+ counter);
+ x = x_cand;
+ pwd_seed_odd = pwd_seed[SHA256_MAC_LEN - 1] & 0x01;
+ os_memset(pwd_seed, 0, sizeof(pwd_seed));
+
+ /*
+ * Use a dummy password for the following rounds, if
+ * any.
+ */
+ addr[0] = dummy_password;
+ len[0] = dummy_password_len;
+ } else if (res > 0) {
+ crypto_bignum_deinit(x_cand, 1);
}
}
- crypto_ec_point_deinit(pwe_tmp, 1);
+ if (!x) {
+ wpa_printf(MSG_DEBUG, "SAE: Could not generate PWE");
+ res = -1;
+ goto fail;
+ }
- return found ? 0 : -1;
+ if (!sae->tmp->pwe_ecc)
+ sae->tmp->pwe_ecc = crypto_ec_point_init(sae->tmp->ec);
+ if (!sae->tmp->pwe_ecc)
+ res = -1;
+ else
+ res = crypto_ec_point_solve_y_coord(sae->tmp->ec,
+ sae->tmp->pwe_ecc, x,
+ pwd_seed_odd);
+ crypto_bignum_deinit(x, 1);
+ if (res < 0) {
+ /*
+ * This should not happen since we already checked that there
+ * is a result.
+ */
+ wpa_printf(MSG_DEBUG, "SAE: Could not solve y");
+ }
+
+fail:
+ crypto_bignum_deinit(qr, 0);
+ crypto_bignum_deinit(qnr, 0);
+
+ return res;
}
@@ -472,27 +650,41 @@
{
struct crypto_bignum *mask;
int ret = -1;
+ unsigned int counter = 0;
- mask = sae_get_rand_and_mask(sae);
- if (mask == NULL) {
- wpa_printf(MSG_DEBUG, "SAE: Could not get rand/mask");
- return -1;
- }
+ do {
+ counter++;
+ if (counter > 100) {
+ /*
+ * This cannot really happen in practice if the random
+ * number generator is working. Anyway, to avoid even a
+ * theoretical infinite loop, break out after 100
+ * attemps.
+ */
+ return -1;
+ }
- /* commit-scalar = (rand + mask) modulo r */
- if (!sae->tmp->own_commit_scalar) {
- sae->tmp->own_commit_scalar = crypto_bignum_init();
- if (!sae->tmp->own_commit_scalar)
- goto fail;
- }
- crypto_bignum_add(sae->tmp->sae_rand, mask,
- sae->tmp->own_commit_scalar);
- crypto_bignum_mod(sae->tmp->own_commit_scalar, sae->tmp->order,
- sae->tmp->own_commit_scalar);
+ mask = sae_get_rand_and_mask(sae);
+ if (mask == NULL) {
+ wpa_printf(MSG_DEBUG, "SAE: Could not get rand/mask");
+ return -1;
+ }
- if (sae->tmp->ec && sae_derive_commit_element_ecc(sae, mask) < 0)
- goto fail;
- if (sae->tmp->dh && sae_derive_commit_element_ffc(sae, mask) < 0)
+ /* commit-scalar = (rand + mask) modulo r */
+ if (!sae->tmp->own_commit_scalar) {
+ sae->tmp->own_commit_scalar = crypto_bignum_init();
+ if (!sae->tmp->own_commit_scalar)
+ goto fail;
+ }
+ crypto_bignum_add(sae->tmp->sae_rand, mask,
+ sae->tmp->own_commit_scalar);
+ crypto_bignum_mod(sae->tmp->own_commit_scalar, sae->tmp->order,
+ sae->tmp->own_commit_scalar);
+ } while (crypto_bignum_is_zero(sae->tmp->own_commit_scalar) ||
+ crypto_bignum_is_one(sae->tmp->own_commit_scalar));
+
+ if ((sae->tmp->ec && sae_derive_commit_element_ecc(sae, mask) < 0) ||
+ (sae->tmp->dh && sae_derive_commit_element_ffc(sae, mask) < 0))
goto fail;
ret = 0;
@@ -506,15 +698,12 @@
const u8 *password, size_t password_len,
struct sae_data *sae)
{
- if (sae->tmp == NULL)
- return -1;
- if (sae->tmp->ec && sae_derive_pwe_ecc(sae, addr1, addr2, password,
- password_len) < 0)
- return -1;
- if (sae->tmp->dh && sae_derive_pwe_ffc(sae, addr1, addr2, password,
- password_len) < 0)
- return -1;
- if (sae_derive_commit(sae) < 0)
+ if (sae->tmp == NULL ||
+ (sae->tmp->ec && sae_derive_pwe_ecc(sae, addr1, addr2, password,
+ password_len) < 0) ||
+ (sae->tmp->dh && sae_derive_pwe_ffc(sae, addr1, addr2, password,
+ password_len) < 0) ||
+ sae_derive_commit(sae) < 0)
return -1;
return 0;
}
@@ -780,8 +969,9 @@
return WLAN_STATUS_UNSPECIFIED_FAILURE;
}
- /* 0 < scalar < r */
+ /* 1 < scalar < r */
if (crypto_bignum_is_zero(peer_scalar) ||
+ crypto_bignum_is_one(peer_scalar) ||
crypto_bignum_cmp(peer_scalar, sae->tmp->order) >= 0) {
wpa_printf(MSG_DEBUG, "SAE: Invalid peer scalar");
crypto_bignum_deinit(peer_scalar, 0);
@@ -847,7 +1037,8 @@
static u16 sae_parse_commit_element_ffc(struct sae_data *sae, const u8 *pos,
const u8 *end)
{
- struct crypto_bignum *res;
+ struct crypto_bignum *res, *one;
+ const u8 one_bin[1] = { 0x01 };
if (pos + sae->tmp->prime_len > end) {
wpa_printf(MSG_DEBUG, "SAE: Not enough data for "
@@ -862,18 +1053,23 @@
crypto_bignum_init_set(pos, sae->tmp->prime_len);
if (sae->tmp->peer_commit_element_ffc == NULL)
return WLAN_STATUS_UNSPECIFIED_FAILURE;
- if (crypto_bignum_is_zero(sae->tmp->peer_commit_element_ffc) ||
+ /* 1 < element < p - 1 */
+ res = crypto_bignum_init();
+ one = crypto_bignum_init_set(one_bin, sizeof(one_bin));
+ if (!res || !one ||
+ crypto_bignum_sub(sae->tmp->prime, one, res) ||
+ crypto_bignum_is_zero(sae->tmp->peer_commit_element_ffc) ||
crypto_bignum_is_one(sae->tmp->peer_commit_element_ffc) ||
- crypto_bignum_cmp(sae->tmp->peer_commit_element_ffc,
- sae->tmp->prime) >= 0) {
+ crypto_bignum_cmp(sae->tmp->peer_commit_element_ffc, res) >= 0) {
+ crypto_bignum_deinit(res, 0);
+ crypto_bignum_deinit(one, 0);
wpa_printf(MSG_DEBUG, "SAE: Invalid peer element");
return WLAN_STATUS_UNSPECIFIED_FAILURE;
}
+ crypto_bignum_deinit(one, 0);
/* scalar-op(r, ELEMENT) = 1 modulo p */
- res = crypto_bignum_init();
- if (res == NULL ||
- crypto_bignum_exptmod(sae->tmp->peer_commit_element_ffc,
+ if (crypto_bignum_exptmod(sae->tmp->peer_commit_element_ffc,
sae->tmp->order, sae->tmp->prime, res) < 0 ||
!crypto_bignum_is_one(res)) {
wpa_printf(MSG_DEBUG, "SAE: Invalid peer element (scalar-op)");
@@ -918,7 +1114,34 @@
return res;
/* commit-element */
- return sae_parse_commit_element(sae, pos, end);
+ res = sae_parse_commit_element(sae, pos, end);
+ if (res != WLAN_STATUS_SUCCESS)
+ return res;
+
+ /*
+ * Check whether peer-commit-scalar and PEER-COMMIT-ELEMENT are same as
+ * the values we sent which would be evidence of a reflection attack.
+ */
+ if (!sae->tmp->own_commit_scalar ||
+ crypto_bignum_cmp(sae->tmp->own_commit_scalar,
+ sae->peer_commit_scalar) != 0 ||
+ (sae->tmp->dh &&
+ (!sae->tmp->own_commit_element_ffc ||
+ crypto_bignum_cmp(sae->tmp->own_commit_element_ffc,
+ sae->tmp->peer_commit_element_ffc) != 0)) ||
+ (sae->tmp->ec &&
+ (!sae->tmp->own_commit_element_ecc ||
+ crypto_ec_point_cmp(sae->tmp->ec,
+ sae->tmp->own_commit_element_ecc,
+ sae->tmp->peer_commit_element_ecc) != 0)))
+ return WLAN_STATUS_SUCCESS; /* scalars/elements are different */
+
+ /*
+ * This is a reflection attack - return special value to trigger caller
+ * to silently discard the frame instead of replying with a specific
+ * status code.
+ */
+ return SAE_SILENTLY_DISCARD;
}
diff --git a/src/common/sae.h b/src/common/sae.h
index 3ebf40c..c07026c 100644
--- a/src/common/sae.h
+++ b/src/common/sae.h
@@ -18,6 +18,9 @@
#define SAE_COMMIT_MAX_LEN (2 + 3 * SAE_MAX_PRIME_LEN)
#define SAE_CONFIRM_MAX_LEN (2 + SAE_MAX_PRIME_LEN)
+/* Special value returned by sae_parse_commit() */
+#define SAE_SILENTLY_DISCARD 65535
+
struct sae_temporary_data {
u8 kck[SAE_KCK_LEN];
struct crypto_bignum *own_commit_scalar;
diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c
index a0747b4..e485b5b 100644
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
@@ -432,14 +432,10 @@
{
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_NONE)
return WPA_CIPHER_NONE;
- if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_WEP40)
- return WPA_CIPHER_WEP40;
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_TKIP)
return WPA_CIPHER_TKIP;
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_CCMP)
return WPA_CIPHER_CCMP;
- if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_WEP104)
- return WPA_CIPHER_WEP104;
#ifdef CONFIG_IEEE80211W
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_AES_128_CMAC)
return WPA_CIPHER_AES_128_CMAC;
@@ -499,8 +495,6 @@
static int wpa_cipher_valid_group(int cipher)
{
return wpa_cipher_valid_pairwise(cipher) ||
- cipher == WPA_CIPHER_WEP104 ||
- cipher == WPA_CIPHER_WEP40 ||
cipher == WPA_CIPHER_GTK_NOT_USED;
}
@@ -695,14 +689,10 @@
{
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_NONE)
return WPA_CIPHER_NONE;
- if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_WEP40)
- return WPA_CIPHER_WEP40;
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_TKIP)
return WPA_CIPHER_TKIP;
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_CCMP)
return WPA_CIPHER_CCMP;
- if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_WEP104)
- return WPA_CIPHER_WEP104;
return 0;
}
@@ -737,11 +727,6 @@
data->num_pmkid = 0;
data->mgmt_group_cipher = 0;
- if (wpa_ie_len == 0) {
- /* No WPA IE - fail silently */
- return -1;
- }
-
if (wpa_ie_len < sizeof(struct wpa_ie_hdr)) {
wpa_printf(MSG_DEBUG, "%s: ie len too short %lu",
__func__, (unsigned long) wpa_ie_len);
@@ -1363,10 +1348,6 @@
return 16;
case WPA_CIPHER_TKIP:
return 32;
- case WPA_CIPHER_WEP104:
- return 13;
- case WPA_CIPHER_WEP40:
- return 5;
}
return 0;
@@ -1382,9 +1363,6 @@
case WPA_CIPHER_GCMP:
case WPA_CIPHER_TKIP:
return 6;
- case WPA_CIPHER_WEP104:
- case WPA_CIPHER_WEP40:
- return 0;
}
return 0;
@@ -1404,9 +1382,6 @@
return WPA_ALG_GCMP;
case WPA_CIPHER_TKIP:
return WPA_ALG_TKIP;
- case WPA_CIPHER_WEP104:
- case WPA_CIPHER_WEP40:
- return WPA_ALG_WEP;
case WPA_CIPHER_AES_128_CMAC:
return WPA_ALG_IGTK;
case WPA_CIPHER_BIP_GMAC_128:
@@ -1444,12 +1419,6 @@
if (cipher & WPA_CIPHER_TKIP)
return (proto == WPA_PROTO_RSN ?
RSN_CIPHER_SUITE_TKIP : WPA_CIPHER_SUITE_TKIP);
- if (cipher & WPA_CIPHER_WEP104)
- return (proto == WPA_PROTO_RSN ?
- RSN_CIPHER_SUITE_WEP104 : WPA_CIPHER_SUITE_WEP104);
- if (cipher & WPA_CIPHER_WEP40)
- return (proto == WPA_PROTO_RSN ?
- RSN_CIPHER_SUITE_WEP40 : WPA_CIPHER_SUITE_WEP40);
if (cipher & WPA_CIPHER_NONE)
return (proto == WPA_PROTO_RSN ?
RSN_CIPHER_SUITE_NONE : WPA_CIPHER_SUITE_NONE);
@@ -1553,10 +1522,6 @@
return WPA_CIPHER_GTK_NOT_USED;
if (ciphers & WPA_CIPHER_TKIP)
return WPA_CIPHER_TKIP;
- if (ciphers & WPA_CIPHER_WEP104)
- return WPA_CIPHER_WEP104;
- if (ciphers & WPA_CIPHER_WEP40)
- return WPA_CIPHER_WEP40;
return -1;
}
@@ -1654,20 +1619,6 @@
return -1;
pos += ret;
}
- if (ciphers & WPA_CIPHER_WEP104) {
- ret = os_snprintf(pos, end - pos, "%sWEP104",
- pos == start ? "" : delim);
- if (os_snprintf_error(end - pos, ret))
- return -1;
- pos += ret;
- }
- if (ciphers & WPA_CIPHER_WEP40) {
- ret = os_snprintf(pos, end - pos, "%sWEP40",
- pos == start ? "" : delim);
- if (os_snprintf_error(end - pos, ret))
- return -1;
- pos += ret;
- }
if (ciphers & WPA_CIPHER_NONE) {
ret = os_snprintf(pos, end - pos, "%sNONE",
pos == start ? "" : delim);
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index 29c3503..d7a590f 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -22,8 +22,8 @@
(WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_TKIP | WPA_CIPHER_NONE | \
WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP_256)
#define WPA_ALLOWED_GROUP_CIPHERS \
-(WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_TKIP | WPA_CIPHER_WEP104 | \
-WPA_CIPHER_WEP40 | WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP_256 | \
+(WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_TKIP | \
+WPA_CIPHER_GCMP_256 | WPA_CIPHER_CCMP_256 | \
WPA_CIPHER_GTK_NOT_USED)
#define WPA_SELECTOR_LEN 4
@@ -40,13 +40,8 @@
#define WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X RSN_SELECTOR(0x00, 0x50, 0xf2, 2)
#define WPA_AUTH_KEY_MGMT_CCKM RSN_SELECTOR(0x00, 0x40, 0x96, 0)
#define WPA_CIPHER_SUITE_NONE RSN_SELECTOR(0x00, 0x50, 0xf2, 0)
-#define WPA_CIPHER_SUITE_WEP40 RSN_SELECTOR(0x00, 0x50, 0xf2, 1)
#define WPA_CIPHER_SUITE_TKIP RSN_SELECTOR(0x00, 0x50, 0xf2, 2)
-#if 0
-#define WPA_CIPHER_SUITE_WRAP RSN_SELECTOR(0x00, 0x50, 0xf2, 3)
-#endif
#define WPA_CIPHER_SUITE_CCMP RSN_SELECTOR(0x00, 0x50, 0xf2, 4)
-#define WPA_CIPHER_SUITE_WEP104 RSN_SELECTOR(0x00, 0x50, 0xf2, 5)
#define RSN_AUTH_KEY_MGMT_UNSPEC_802_1X RSN_SELECTOR(0x00, 0x0f, 0xac, 1)
@@ -68,13 +63,11 @@
#define RSN_AUTH_KEY_MGMT_OSEN RSN_SELECTOR(0x50, 0x6f, 0x9a, 0x01)
#define RSN_CIPHER_SUITE_NONE RSN_SELECTOR(0x00, 0x0f, 0xac, 0)
-#define RSN_CIPHER_SUITE_WEP40 RSN_SELECTOR(0x00, 0x0f, 0xac, 1)
#define RSN_CIPHER_SUITE_TKIP RSN_SELECTOR(0x00, 0x0f, 0xac, 2)
#if 0
#define RSN_CIPHER_SUITE_WRAP RSN_SELECTOR(0x00, 0x0f, 0xac, 3)
#endif
#define RSN_CIPHER_SUITE_CCMP RSN_SELECTOR(0x00, 0x0f, 0xac, 4)
-#define RSN_CIPHER_SUITE_WEP104 RSN_SELECTOR(0x00, 0x0f, 0xac, 5)
#define RSN_CIPHER_SUITE_AES_128_CMAC RSN_SELECTOR(0x00, 0x0f, 0xac, 6)
#define RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED RSN_SELECTOR(0x00, 0x0f, 0xac, 7)
#define RSN_CIPHER_SUITE_GCMP RSN_SELECTOR(0x00, 0x0f, 0xac, 8)
diff --git a/src/common/wpa_ctrl.h b/src/common/wpa_ctrl.h
index e3a816f..e700523 100644
--- a/src/common/wpa_ctrl.h
+++ b/src/common/wpa_ctrl.h
@@ -68,6 +68,8 @@
#define WPA_EVENT_BSS_ADDED "CTRL-EVENT-BSS-ADDED "
/** A BSS entry was removed (followed by BSS entry id and BSSID) */
#define WPA_EVENT_BSS_REMOVED "CTRL-EVENT-BSS-REMOVED "
+/** No suitable network was found */
+#define WPA_EVENT_NETWORK_NOT_FOUND "CTRL-EVENT-NETWORK-NOT-FOUND "
/** Change in the signal level was reported by the driver */
#define WPA_EVENT_SIGNAL_CHANGE "CTRL-EVENT-SIGNAL-CHANGE "
/** Regulatory domain channel */
diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h
index f2d5662..534c4bd 100644
--- a/src/crypto/crypto.h
+++ b/src/crypto/crypto.h
@@ -614,6 +614,15 @@
int crypto_bignum_is_one(const struct crypto_bignum *a);
/**
+ * crypto_bignum_legendre - Compute the Legendre symbol (a/p)
+ * @a: Bignum
+ * @p: Bignum
+ * Returns: Legendre symbol -1,0,1 on success; -2 on calculation failure
+ */
+int crypto_bignum_legendre(const struct crypto_bignum *a,
+ const struct crypto_bignum *p);
+
+/**
* struct crypto_ec - Elliptic curve context
*
* Internal data structure for EC implementation. The contents is specific
@@ -758,6 +767,16 @@
const struct crypto_bignum *x, int y_bit);
/**
+ * crypto_ec_point_compute_y_sqr - Compute y^2 = x^3 + ax + b
+ * @e: EC context from crypto_ec_init()
+ * @x: x coordinate
+ * Returns: y^2 on success, %NULL failure
+ */
+struct crypto_bignum *
+crypto_ec_point_compute_y_sqr(struct crypto_ec *e,
+ const struct crypto_bignum *x);
+
+/**
* crypto_ec_point_is_at_infinity - Check whether EC point is neutral element
* @e: EC context from crypto_ec_init()
* @p: EC point
@@ -776,4 +795,15 @@
int crypto_ec_point_is_on_curve(struct crypto_ec *e,
const struct crypto_ec_point *p);
+/**
+ * crypto_ec_point_cmp - Compare two EC points
+ * @e: EC context from crypto_ec_init()
+ * @a: EC point
+ * @b: EC point
+ * Returns: 0 on equal, non-zero otherwise
+ */
+int crypto_ec_point_cmp(const struct crypto_ec *e,
+ const struct crypto_ec_point *a,
+ const struct crypto_ec_point *b);
+
#endif /* CRYPTO_H */
diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index 9834b25..3703b93 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -1107,6 +1107,42 @@
}
+int crypto_bignum_legendre(const struct crypto_bignum *a,
+ const struct crypto_bignum *p)
+{
+ BN_CTX *bnctx;
+ BIGNUM *exp = NULL, *tmp = NULL;
+ int res = -2;
+
+ bnctx = BN_CTX_new();
+ if (bnctx == NULL)
+ return -2;
+
+ exp = BN_new();
+ tmp = BN_new();
+ if (!exp || !tmp ||
+ /* exp = (p-1) / 2 */
+ !BN_sub(exp, (const BIGNUM *) p, BN_value_one()) ||
+ !BN_rshift1(exp, exp) ||
+ !BN_mod_exp(tmp, (const BIGNUM *) a, exp, (const BIGNUM *) p,
+ bnctx))
+ goto fail;
+
+ if (BN_is_word(tmp, 1))
+ res = 1;
+ else if (BN_is_zero(tmp))
+ res = 0;
+ else
+ res = -1;
+
+fail:
+ BN_clear_free(tmp);
+ BN_clear_free(exp);
+ BN_CTX_free(bnctx);
+ return res;
+}
+
+
#ifdef CONFIG_ECC
struct crypto_ec {
@@ -1114,6 +1150,8 @@
BN_CTX *bnctx;
BIGNUM *prime;
BIGNUM *order;
+ BIGNUM *a;
+ BIGNUM *b;
};
struct crypto_ec * crypto_ec_init(int group)
@@ -1138,6 +1176,26 @@
case 26:
nid = NID_secp224r1;
break;
+#ifdef NID_brainpoolP224r1
+ case 27:
+ nid = NID_brainpoolP224r1;
+ break;
+#endif /* NID_brainpoolP224r1 */
+#ifdef NID_brainpoolP256r1
+ case 28:
+ nid = NID_brainpoolP256r1;
+ break;
+#endif /* NID_brainpoolP256r1 */
+#ifdef NID_brainpoolP384r1
+ case 29:
+ nid = NID_brainpoolP384r1;
+ break;
+#endif /* NID_brainpoolP384r1 */
+#ifdef NID_brainpoolP512r1
+ case 30:
+ nid = NID_brainpoolP512r1;
+ break;
+#endif /* NID_brainpoolP512r1 */
default:
return NULL;
}
@@ -1150,9 +1208,11 @@
e->group = EC_GROUP_new_by_curve_name(nid);
e->prime = BN_new();
e->order = BN_new();
+ e->a = BN_new();
+ e->b = BN_new();
if (e->group == NULL || e->bnctx == NULL || e->prime == NULL ||
- e->order == NULL ||
- !EC_GROUP_get_curve_GFp(e->group, e->prime, NULL, NULL, e->bnctx) ||
+ e->order == NULL || e->a == NULL || e->b == NULL ||
+ !EC_GROUP_get_curve_GFp(e->group, e->prime, e->a, e->b, e->bnctx) ||
!EC_GROUP_get_order(e->group, e->order, e->bnctx)) {
crypto_ec_deinit(e);
e = NULL;
@@ -1166,6 +1226,8 @@
{
if (e == NULL)
return;
+ BN_clear_free(e->b);
+ BN_clear_free(e->a);
BN_clear_free(e->order);
BN_clear_free(e->prime);
EC_GROUP_free(e->group);
@@ -1313,6 +1375,33 @@
}
+struct crypto_bignum *
+crypto_ec_point_compute_y_sqr(struct crypto_ec *e,
+ const struct crypto_bignum *x)
+{
+ BIGNUM *tmp, *tmp2, *y_sqr = NULL;
+
+ tmp = BN_new();
+ tmp2 = BN_new();
+
+ /* y^2 = x^3 + ax + b */
+ if (tmp && tmp2 &&
+ BN_mod_sqr(tmp, (const BIGNUM *) x, e->prime, e->bnctx) &&
+ BN_mod_mul(tmp, tmp, (const BIGNUM *) x, e->prime, e->bnctx) &&
+ BN_mod_mul(tmp2, e->a, (const BIGNUM *) x, e->prime, e->bnctx) &&
+ BN_mod_add_quick(tmp2, tmp2, tmp, e->prime) &&
+ BN_mod_add_quick(tmp2, tmp2, e->b, e->prime)) {
+ y_sqr = tmp2;
+ tmp2 = NULL;
+ }
+
+ BN_clear_free(tmp);
+ BN_clear_free(tmp2);
+
+ return (struct crypto_bignum *) y_sqr;
+}
+
+
int crypto_ec_point_is_at_infinity(struct crypto_ec *e,
const struct crypto_ec_point *p)
{
@@ -1323,7 +1412,17 @@
int crypto_ec_point_is_on_curve(struct crypto_ec *e,
const struct crypto_ec_point *p)
{
- return EC_POINT_is_on_curve(e->group, (const EC_POINT *) p, e->bnctx);
+ return EC_POINT_is_on_curve(e->group, (const EC_POINT *) p,
+ e->bnctx) == 1;
+}
+
+
+int crypto_ec_point_cmp(const struct crypto_ec *e,
+ const struct crypto_ec_point *a,
+ const struct crypto_ec_point *b)
+{
+ return EC_POINT_cmp(e->group, (const EC_POINT *) a,
+ (const EC_POINT *) b, e->bnctx);
}
#endif /* CONFIG_ECC */
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 37ab000..2250e6e 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -29,10 +29,6 @@
#include "sha1.h"
#include "tls.h"
-#if defined(SSL_CTX_get_app_data) && defined(SSL_CTX_set_app_data)
-#define OPENSSL_SUPPORTS_CTX_APP_DATA
-#endif
-
#if OPENSSL_VERSION_NUMBER < 0x10000000L
/* ERR_remove_thread_state replaces ERR_remove_state and the latter is
* deprecated. However, OpenSSL 0.9.8 doesn't include
@@ -793,24 +789,17 @@
PKCS12_PBE_add();
#endif /* PKCS12_FUNCS */
} else {
-#ifdef OPENSSL_SUPPORTS_CTX_APP_DATA
- /* Newer OpenSSL can store app-data per-SSL */
context = tls_context_new(conf);
if (context == NULL)
return NULL;
-#else /* OPENSSL_SUPPORTS_CTX_APP_DATA */
- context = tls_global;
-#endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
}
tls_openssl_ref_count++;
ssl = SSL_CTX_new(SSLv23_method());
if (ssl == NULL) {
tls_openssl_ref_count--;
-#ifdef OPENSSL_SUPPORTS_CTX_APP_DATA
if (context != tls_global)
os_free(context);
-#endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
if (tls_openssl_ref_count == 0) {
os_free(tls_global);
tls_global = NULL;
@@ -822,9 +811,7 @@
SSL_CTX_set_options(ssl, SSL_OP_NO_SSLv3);
SSL_CTX_set_info_callback(ssl, ssl_info_cb);
-#ifdef OPENSSL_SUPPORTS_CTX_APP_DATA
SSL_CTX_set_app_data(ssl, context);
-#endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
#ifndef OPENSSL_NO_ENGINE
wpa_printf(MSG_DEBUG, "ENGINE: Loading dynamic engine");
@@ -862,11 +849,9 @@
void tls_deinit(void *ssl_ctx)
{
SSL_CTX *ssl = ssl_ctx;
-#ifdef OPENSSL_SUPPORTS_CTX_APP_DATA
struct tls_context *context = SSL_CTX_get_app_data(ssl);
if (context != tls_global)
os_free(context);
-#endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
SSL_CTX_free(ssl);
tls_openssl_ref_count--;
@@ -1083,11 +1068,7 @@
SSL_CTX *ssl = ssl_ctx;
struct tls_connection *conn;
long options;
-#ifdef OPENSSL_SUPPORTS_CTX_APP_DATA
struct tls_context *context = SSL_CTX_get_app_data(ssl);
-#else /* OPENSSL_SUPPORTS_CTX_APP_DATA */
- struct tls_context *context = tls_global;
-#endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
conn = os_zalloc(sizeof(*conn));
if (conn == NULL)
diff --git a/src/drivers/driver_atheros.c b/src/drivers/driver_atheros.c
index aaada0a..b721c32 100644
--- a/src/drivers/driver_atheros.c
+++ b/src/drivers/driver_atheros.c
@@ -1682,8 +1682,7 @@
l2_packet_deinit(drv->sock_xmit);
if (drv->ioctl_sock >= 0)
close(drv->ioctl_sock);
- if (drv != NULL)
- free(drv);
+ os_free(drv);
return NULL;
}
@@ -1711,7 +1710,7 @@
l2_packet_deinit(drv->sock_xmit);
if (drv->sock_raw)
l2_packet_deinit(drv->sock_raw);
- free(drv);
+ os_free(drv);
}
static int
diff --git a/src/drivers/driver_bsd.c b/src/drivers/driver_bsd.c
index 0f1a0f6..9ac87b4 100644
--- a/src/drivers/driver_bsd.c
+++ b/src/drivers/driver_bsd.c
@@ -861,8 +861,7 @@
if (drv->sock >= 0)
close(drv->sock);
os_free(drv->event_buf);
- if (drv != NULL)
- os_free(drv);
+ os_free(drv);
return NULL;
}
diff --git a/src/drivers/driver_hostap.c b/src/drivers/driver_hostap.c
index 14c52d2..8835005 100644
--- a/src/drivers/driver_hostap.c
+++ b/src/drivers/driver_hostap.c
@@ -322,7 +322,7 @@
"failed: %d (%s)",
(unsigned long) len, errno, strerror(errno));
}
- free(hdr);
+ os_free(hdr);
return res;
}
@@ -471,18 +471,18 @@
param = (struct prism2_hostapd_param *) buf;
param->cmd = PRISM2_GET_ENCRYPTION;
if (addr == NULL)
- memset(param->sta_addr, 0xff, ETH_ALEN);
+ os_memset(param->sta_addr, 0xff, ETH_ALEN);
else
- memcpy(param->sta_addr, addr, ETH_ALEN);
+ os_memcpy(param->sta_addr, addr, ETH_ALEN);
param->u.crypt.idx = idx;
if (hostapd_ioctl(drv, param, blen)) {
printf("Failed to get encryption.\n");
ret = -1;
} else {
- memcpy(seq, param->u.crypt.seq, 8);
+ os_memcpy(seq, param->u.crypt.seq, 8);
}
- free(buf);
+ os_free(buf);
return ret;
}
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 20f5321..f74422b 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -8509,7 +8509,9 @@
.set_ap_wps_ie = wpa_driver_set_ap_wps_p2p_ie,
#endif /* ANDROID_P2P */
#ifdef ANDROID
+#ifndef ANDROID_LIB_STUB
.driver_cmd = wpa_driver_nl80211_driver_cmd,
+#endif /* !ANDROID_LIB_STUB */
#endif /* ANDROID */
.vendor_cmd = nl80211_vendor_cmd,
.set_qos_map = nl80211_set_qos_map,
diff --git a/src/drivers/driver_nl80211_android.c b/src/drivers/driver_nl80211_android.c
index f3a39f6..ba47888 100644
--- a/src/drivers/driver_nl80211_android.c
+++ b/src/drivers/driver_nl80211_android.c
@@ -151,7 +151,7 @@
#ifdef ANDROID_P2P
-#ifdef ANDROID_P2P_STUB
+#ifdef ANDROID_LIB_STUB
int wpa_driver_set_p2p_noa(void *priv, u8 count, int start, int duration)
{
@@ -178,7 +178,7 @@
return 0;
}
-#endif /* ANDROID_P2P_STUB */
+#endif /* ANDROID_LIB_STUB */
#endif /* ANDROID_P2P */
diff --git a/src/eap_server/eap_server.c b/src/eap_server/eap_server.c
index 1f38d78..6651229 100644
--- a/src/eap_server/eap_server.c
+++ b/src/eap_server/eap_server.c
@@ -745,7 +745,7 @@
wpabuf_free(sm->lastReqData);
sm->lastReqData = NULL;
- if (flags & 0x80) {
+ if ((flags & 0x80) || !erp) {
sm->eap_if.eapFail = TRUE;
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE
MACSTR, MAC2STR(sm->peer_addr));
diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
index 16ffac4..b87ff96 100644
--- a/src/p2p/p2p.c
+++ b/src/p2p/p2p.c
@@ -2315,6 +2315,19 @@
u8 i;
int p2ps_svc_found = 0;
+ p2p_dbg(p2p, "in_listen=%d drv_in_listen=%d when received P2PS Probe Request at %u MHz; own Listen channel %u, pending listen freq %u MHz",
+ p2p->in_listen, p2p->drv_in_listen, rx_freq,
+ p2p->cfg->channel, p2p->pending_listen_freq);
+
+ if (!p2p->in_listen && !p2p->drv_in_listen &&
+ p2p->pending_listen_freq && rx_freq &&
+ rx_freq != p2p->pending_listen_freq) {
+ p2p_dbg(p2p, "Do not reply to Probe Request frame that was received on %u MHz while waiting to start Listen state on %u MHz",
+ rx_freq, p2p->pending_listen_freq);
+ p2p_parse_free(&msg);
+ return P2P_PREQ_NOT_LISTEN;
+ }
+
for (i = 0; i < msg.service_hash_count; i++) {
if (p2p_service_find_asp(p2p, hash)) {
p2p_dbg(p2p, "Service Hash match found: "
@@ -2389,8 +2402,8 @@
return P2P_PREQ_NOT_PROCESSED;
}
- resp = NULL;
- resp = wpabuf_put(buf, resp->u.probe_resp.variable - (u8 *) resp);
+ resp = wpabuf_put(buf, offsetof(struct ieee80211_mgmt,
+ u.probe_resp.variable));
resp->frame_control = host_to_le16((WLAN_FC_TYPE_MGMT << 2) |
(WLAN_FC_STYPE_PROBE_RESP << 4));
diff --git a/src/p2p/p2p_build.c b/src/p2p/p2p_build.c
index 6b6e770..c733543 100644
--- a/src/p2p/p2p_build.c
+++ b/src/p2p/p2p_build.c
@@ -557,7 +557,7 @@
struct p2ps_advertisement *adv_list)
{
struct p2ps_advertisement *adv;
- int p2ps_wildcard, found = 0;
+ int p2ps_wildcard;
size_t total_len;
struct wpabuf *tmp_buf = NULL;
u8 *pos, *attr_len, *ie_len = NULL;
@@ -593,7 +593,6 @@
/* org.wi-fi.wfds match found */
p2p_buf_add_service_info(tmp_buf, p2p, 0, 0, P2PS_WILD_HASH_STR,
&ie_len, &pos, &total_len, attr_len);
- found++;
}
/* add advertised service info of matching services */
@@ -613,12 +612,12 @@
&total_len,
attr_len))
break;
- found++;
+
test += P2PS_HASH_LEN;
}
}
- if (found)
+ if (total_len)
wpabuf_put_buf(buf, tmp_buf);
wpabuf_free(tmp_buf);
}
diff --git a/src/radius/radius_server.c b/src/radius/radius_server.c
index 1c69955..bdb7e42 100644
--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
@@ -1711,8 +1711,10 @@
data->ipv6 = conf->ipv6;
if (conf->pac_opaque_encr_key) {
data->pac_opaque_encr_key = os_malloc(16);
- os_memcpy(data->pac_opaque_encr_key, conf->pac_opaque_encr_key,
- 16);
+ if (data->pac_opaque_encr_key) {
+ os_memcpy(data->pac_opaque_encr_key,
+ conf->pac_opaque_encr_key, 16);
+ }
}
if (conf->eap_fast_a_id) {
data->eap_fast_a_id = os_malloc(conf->eap_fast_a_id_len);
diff --git a/src/tls/libtommath.c b/src/tls/libtommath.c
index 251133e..8bc824f 100644
--- a/src/tls/libtommath.c
+++ b/src/tls/libtommath.c
@@ -1472,8 +1472,7 @@
cur_arg = va_arg(clean_args, mp_int*);
}
va_end(clean_args);
- res = MP_MEM;
- break;
+ return MP_MEM;
}
n++;
cur_arg = va_arg(args, mp_int*);
diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk
index 4a04b3f..4b45f8c 100644
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
@@ -27,8 +27,9 @@
# Set Android extended P2P functionality
L_CFLAGS += -DANDROID_P2P
+
ifeq ($(BOARD_WPA_SUPPLICANT_PRIVATE_LIB),)
-L_CFLAGS += -DANDROID_P2P_STUB
+L_CFLAGS += -DANDROID_LIB_STUB
endif
# Disable roaming in wpa_supplicant
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 239c3e8..4d801cc 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -967,6 +967,13 @@
val = wpa_config_parse_cipher(line, value);
if (val == -1)
return -1;
+
+ /*
+ * Backwards compatibility - filter out WEP ciphers that were previously
+ * allowed.
+ */
+ val &= ~(WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40);
+
if (val & ~WPA_ALLOWED_GROUP_CIPHERS) {
wpa_printf(MSG_ERROR, "Line %d: not allowed group cipher "
"(0x%x).", line, val);
diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c
index e946567..ae34f10 100644
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -1016,13 +1016,13 @@
if (config->driver_param)
fprintf(f, "driver_param=%s\n", config->driver_param);
if (config->dot11RSNAConfigPMKLifetime)
- fprintf(f, "dot11RSNAConfigPMKLifetime=%d\n",
+ fprintf(f, "dot11RSNAConfigPMKLifetime=%u\n",
config->dot11RSNAConfigPMKLifetime);
if (config->dot11RSNAConfigPMKReauthThreshold)
- fprintf(f, "dot11RSNAConfigPMKReauthThreshold=%d\n",
+ fprintf(f, "dot11RSNAConfigPMKReauthThreshold=%u\n",
config->dot11RSNAConfigPMKReauthThreshold);
if (config->dot11RSNAConfigSATimeout)
- fprintf(f, "dot11RSNAConfigSATimeout=%d\n",
+ fprintf(f, "dot11RSNAConfigSATimeout=%u\n",
config->dot11RSNAConfigSATimeout);
if (config->update_config)
fprintf(f, "update_config=%d\n", config->update_config);
@@ -1070,27 +1070,27 @@
#endif /* CONFIG_WPS */
#ifdef CONFIG_P2P
if (config->p2p_listen_reg_class)
- fprintf(f, "p2p_listen_reg_class=%u\n",
+ fprintf(f, "p2p_listen_reg_class=%d\n",
config->p2p_listen_reg_class);
if (config->p2p_listen_channel)
- fprintf(f, "p2p_listen_channel=%u\n",
+ fprintf(f, "p2p_listen_channel=%d\n",
config->p2p_listen_channel);
if (config->p2p_oper_reg_class)
- fprintf(f, "p2p_oper_reg_class=%u\n",
+ fprintf(f, "p2p_oper_reg_class=%d\n",
config->p2p_oper_reg_class);
if (config->p2p_oper_channel)
- fprintf(f, "p2p_oper_channel=%u\n", config->p2p_oper_channel);
+ fprintf(f, "p2p_oper_channel=%d\n", config->p2p_oper_channel);
if (config->p2p_go_intent != DEFAULT_P2P_GO_INTENT)
- fprintf(f, "p2p_go_intent=%u\n", config->p2p_go_intent);
+ fprintf(f, "p2p_go_intent=%d\n", config->p2p_go_intent);
if (config->p2p_ssid_postfix)
fprintf(f, "p2p_ssid_postfix=%s\n", config->p2p_ssid_postfix);
if (config->persistent_reconnect)
- fprintf(f, "persistent_reconnect=%u\n",
+ fprintf(f, "persistent_reconnect=%d\n",
config->persistent_reconnect);
if (config->p2p_intra_bss != DEFAULT_P2P_INTRA_BSS)
- fprintf(f, "p2p_intra_bss=%u\n", config->p2p_intra_bss);
+ fprintf(f, "p2p_intra_bss=%d\n", config->p2p_intra_bss);
if (config->p2p_group_idle)
- fprintf(f, "p2p_group_idle=%u\n", config->p2p_group_idle);
+ fprintf(f, "p2p_group_idle=%d\n", config->p2p_group_idle);
if (config->p2p_passphrase_len)
fprintf(f, "p2p_passphrase_len=%u\n",
config->p2p_passphrase_len);
@@ -1118,22 +1118,21 @@
fprintf(f, "p2p_optimize_listen_chan=%d\n",
config->p2p_optimize_listen_chan);
if (config->p2p_go_ht40)
- fprintf(f, "p2p_go_ht40=%u\n", config->p2p_go_ht40);
+ fprintf(f, "p2p_go_ht40=%d\n", config->p2p_go_ht40);
if (config->p2p_go_vht)
- fprintf(f, "p2p_go_vht=%u\n", config->p2p_go_vht);
+ fprintf(f, "p2p_go_vht=%d\n", config->p2p_go_vht);
if (config->p2p_go_ctwindow != DEFAULT_P2P_GO_CTWINDOW)
- fprintf(f, "p2p_go_ctwindow=%u\n", config->p2p_go_ctwindow);
+ fprintf(f, "p2p_go_ctwindow=%d\n", config->p2p_go_ctwindow);
if (config->p2p_disabled)
- fprintf(f, "p2p_disabled=%u\n", config->p2p_disabled);
+ fprintf(f, "p2p_disabled=%d\n", config->p2p_disabled);
if (config->p2p_no_group_iface)
- fprintf(f, "p2p_no_group_iface=%u\n",
+ fprintf(f, "p2p_no_group_iface=%d\n",
config->p2p_no_group_iface);
if (config->p2p_ignore_shared_freq)
- fprintf(f, "p2p_ignore_shared_freq=%u\n",
+ fprintf(f, "p2p_ignore_shared_freq=%d\n",
config->p2p_ignore_shared_freq);
if (config->p2p_cli_probe)
- fprintf(f, "p2p_cli_probe=%u\n",
- config->p2p_cli_probe);
+ fprintf(f, "p2p_cli_probe=%d\n", config->p2p_cli_probe);
#endif /* CONFIG_P2P */
if (config->country[0] && config->country[1]) {
fprintf(f, "country=%c%c\n",
@@ -1153,14 +1152,14 @@
if (config->max_num_sta != DEFAULT_MAX_NUM_STA)
fprintf(f, "max_num_sta=%u\n", config->max_num_sta);
if (config->disassoc_low_ack)
- fprintf(f, "disassoc_low_ack=%u\n", config->disassoc_low_ack);
+ fprintf(f, "disassoc_low_ack=%d\n", config->disassoc_low_ack);
#ifdef CONFIG_HS20
if (config->hs20)
fprintf(f, "hs20=1\n");
#endif /* CONFIG_HS20 */
#ifdef CONFIG_INTERWORKING
if (config->interworking)
- fprintf(f, "interworking=%u\n", config->interworking);
+ fprintf(f, "interworking=%d\n", config->interworking);
if (!is_zero_ether_addr(config->hessid))
fprintf(f, "hessid=" MACSTR "\n", MAC2STR(config->hessid));
if (config->access_network_type != DEFAULT_ACCESS_NETWORK_TYPE)
@@ -1168,7 +1167,7 @@
config->access_network_type);
#endif /* CONFIG_INTERWORKING */
if (config->pbc_in_m1)
- fprintf(f, "pbc_in_m1=%u\n", config->pbc_in_m1);
+ fprintf(f, "pbc_in_m1=%d\n", config->pbc_in_m1);
if (config->wps_nfc_pw_from_config) {
if (config->wps_nfc_dev_pw_id)
fprintf(f, "wps_nfc_dev_pw_id=%d\n",
@@ -1227,7 +1226,7 @@
int i;
fprintf(f, "freq_list=");
for (i = 0; config->freq_list[i]; i++) {
- fprintf(f, "%s%u", i > 0 ? " " : "",
+ fprintf(f, "%s%d", i > 0 ? " " : "",
config->freq_list[i]);
}
fprintf(f, "\n");
@@ -1268,7 +1267,7 @@
fprintf(f, "preassoc_mac_addr=%d\n", config->preassoc_mac_addr);
if (config->key_mgmt_offload != DEFAULT_KEY_MGMT_OFFLOAD)
- fprintf(f, "key_mgmt_offload=%u\n", config->key_mgmt_offload);
+ fprintf(f, "key_mgmt_offload=%d\n", config->key_mgmt_offload);
if (config->user_mpm != DEFAULT_USER_MPM)
fprintf(f, "user_mpm=%d\n", config->user_mpm);
diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h
index dbb5a47..1c63e51 100644
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
@@ -20,8 +20,7 @@
#define DEFAULT_PROTO (WPA_PROTO_WPA | WPA_PROTO_RSN)
#define DEFAULT_KEY_MGMT (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X)
#define DEFAULT_PAIRWISE (WPA_CIPHER_CCMP | WPA_CIPHER_TKIP)
-#define DEFAULT_GROUP (WPA_CIPHER_CCMP | WPA_CIPHER_TKIP | \
- WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40)
+#define DEFAULT_GROUP (WPA_CIPHER_CCMP | WPA_CIPHER_TKIP)
#define DEFAULT_FRAGMENT_SIZE 1398
#define DEFAULT_BG_SCAN_PERIOD -1
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index 0c5ea8f..d0d70e9 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -4595,6 +4595,14 @@
} else
search_delay = wpas_p2p_search_delay(wpa_s);
+ pos = os_strstr(cmd, "freq=");
+ if (pos) {
+ pos += 5;
+ freq = atoi(pos);
+ if (freq <= 0)
+ return -1;
+ }
+
/* Must be searched for last, because it adds nul termination */
pos = os_strstr(cmd, " seek=");
if (pos)
@@ -4617,14 +4625,6 @@
seek_count = 1;
}
- pos = os_strstr(cmd, "freq=");
- if (pos) {
- pos += 5;
- freq = atoi(pos);
- if (freq <= 0)
- return -1;
- }
-
return wpas_p2p_find(wpa_s, timeout, type, _dev_type != NULL, _dev_type,
_dev_id, search_delay, seek_count, seek, freq);
}
diff --git a/wpa_supplicant/dbus/dbus_new.c b/wpa_supplicant/dbus/dbus_new.c
index a3bf1e3..1959ea7 100644
--- a/wpa_supplicant/dbus/dbus_new.c
+++ b/wpa_supplicant/dbus/dbus_new.c
@@ -1424,12 +1424,10 @@
/**
- *
- * Method to emit Invitation Result signal based on status and
- * bssid
- * @status: Status of the Invite request. 0 for success, other
- * for errors
- * @bssid : Basic Service Set Identifier
+ * wpas_dbus_signal_p2p_invitation_result - Emit InvitationResult signal
+ * @wpa_s: %wpa_supplicant network interface data
+ * @status: Status of invitation process
+ * @bssid: Basic Service Set Identifier
*/
void wpas_dbus_signal_p2p_invitation_result(struct wpa_supplicant *wpa_s,
int status, const u8 *bssid)
@@ -3284,6 +3282,11 @@
};
+/**
+ * wpas_dbus_register_interface - Register an interface with D-Bus
+ * @wpa_s: wpa_supplicant interface structure
+ * Returns: 0 on success, -1 on failure
+ */
int wpas_dbus_register_interface(struct wpa_supplicant *wpa_s)
{
@@ -3334,6 +3337,11 @@
}
+/**
+ * wpas_dbus_unregister_interface - Unregister the interface from D-Bus
+ * @wpa_s: wpa_supplicant interface structure
+ * Returns: 0 on success, -1 on failure
+ */
int wpas_dbus_unregister_interface(struct wpa_supplicant *wpa_s)
{
struct wpas_dbus_priv *ctrl_iface;
@@ -3498,7 +3506,7 @@
/**
* wpas_dbus_signal_peer_found - Send a peer found signal
* @wpa_s: %wpa_supplicant network interface data
- * @dev: peer device object
+ * @dev_addr: Peer P2P Device Address
*
* Notify listeners about find a p2p peer device found
*/
@@ -3513,7 +3521,7 @@
/**
* wpas_dbus_signal_peer_lost - Send a peer lost signal
* @wpa_s: %wpa_supplicant network interface data
- * @dev: peer device object
+ * @dev_addr: Peer P2P Device Address
*
* Notify listeners about lost a p2p peer device
*/
@@ -3660,6 +3668,13 @@
}
+/**
+ * wpas_dbus_signal_peer_groups_changed - Send peer group change property signal
+ * @wpa_s: %wpa_supplicant network interface data
+ * @dev_addr: P2P Device Address
+ *
+ * Notify listeners about peer Groups property changes.
+ */
void wpas_dbus_signal_peer_groups_changed(struct wpa_supplicant *wpa_s,
const u8 *dev_addr)
{
diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
index 2a7e2cf..1c04e92 100644
--- a/wpa_supplicant/dbus/dbus_new_handlers.c
+++ b/wpa_supplicant/dbus/dbus_new_handlers.c
@@ -214,7 +214,7 @@
} else if (entry.type == DBUS_TYPE_STRING) {
if (should_quote_opt(entry.key)) {
size = os_strlen(entry.str_value);
- if (size <= 0)
+ if (size == 0)
goto error;
size += 3;
diff --git a/wpa_supplicant/dbus/dbus_new_handlers_wps.c b/wpa_supplicant/dbus/dbus_new_handlers_wps.c
index dcae0a9..b2251ba 100644
--- a/wpa_supplicant/dbus/dbus_new_handlers_wps.c
+++ b/wpa_supplicant/dbus/dbus_new_handlers_wps.c
@@ -53,7 +53,7 @@
else if (os_strcmp(val, "registrar") == 0)
params->role = 2;
else {
- wpa_printf(MSG_DEBUG, "dbus: WPS.Start - Uknown role %s", val);
+ wpa_printf(MSG_DEBUG, "dbus: WPS.Start - Unknown role %s", val);
*reply = wpas_dbus_error_invalid_args(message, val);
return -1;
}
@@ -113,7 +113,7 @@
dbus_message_iter_recurse(&variant_iter, &array_iter);
dbus_message_iter_get_fixed_array(&array_iter, ¶ms->bssid, &len);
if (len != ETH_ALEN) {
- wpa_printf(MSG_DEBUG, "dbus: WPS.Stsrt - Wrong Bssid length %d",
+ wpa_printf(MSG_DEBUG, "dbus: WPS.Start - Wrong Bssid length %d",
len);
*reply = wpas_dbus_error_invalid_args(message,
"Bssid is wrong length");
diff --git a/wpa_supplicant/dbus/dbus_old_handlers.c b/wpa_supplicant/dbus/dbus_old_handlers.c
index 0ffa1be..462c713 100644
--- a/wpa_supplicant/dbus/dbus_old_handlers.c
+++ b/wpa_supplicant/dbus/dbus_old_handlers.c
@@ -500,7 +500,7 @@
/* EAP methods */
eap_methods = eap_get_names_as_string_array(&num_items);
if (eap_methods) {
- dbus_bool_t success = FALSE;
+ dbus_bool_t success;
size_t i = 0;
success = wpa_dbus_dict_append_string_array(
@@ -884,7 +884,7 @@
if (should_quote_opt(entry.key)) {
size = os_strlen(entry.str_value);
/* Zero-length option check */
- if (size <= 0)
+ if (size == 0)
goto error;
size += 3; /* For quotes and terminator */
value = os_zalloc(size);
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 7be352d..2dbc39f 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -1628,6 +1628,9 @@
if (wpa_supplicant_req_sched_scan(wpa_s))
wpa_supplicant_req_new_scan(wpa_s, timeout_sec,
timeout_usec);
+
+ wpa_msg_ctrl(wpa_s, MSG_INFO,
+ WPA_EVENT_NETWORK_NOT_FOUND);
}
}
return 0;
@@ -1685,7 +1688,7 @@
#else /* CONFIG_NO_SCAN_PROCESSING */
struct os_reltime now;
- if (wpa_s->last_scan_res_used <= 0)
+ if (wpa_s->last_scan_res_used == 0)
return -1;
os_get_reltime(&now);
diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index 1788113..a472feb 100644
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -67,7 +67,7 @@
for (;;) {
int group = groups[wpa_s->sme.sae_group_index];
- if (group < 0)
+ if (group <= 0)
break;
if (sae_set_group(&wpa_s->sme.sae, group) == 0) {
wpa_dbg(wpa_s, MSG_DEBUG, "SME: Selected SAE group %d",
@@ -698,6 +698,8 @@
return -1;
if (auth_transaction == 1) {
+ u16 res;
+
groups = wpa_s->conf->sae_groups;
wpa_dbg(wpa_s, MSG_DEBUG, "SME SAE commit");
@@ -708,8 +710,14 @@
return -1;
if (groups && groups[0] <= 0)
groups = NULL;
- if (sae_parse_commit(&wpa_s->sme.sae, data, len, NULL, NULL,
- groups) != WLAN_STATUS_SUCCESS)
+ res = sae_parse_commit(&wpa_s->sme.sae, data, len, NULL, NULL,
+ groups);
+ if (res == SAE_SILENTLY_DISCARD) {
+ wpa_printf(MSG_DEBUG,
+ "SAE: Drop commit message due to reflection attack");
+ return 0;
+ }
+ if (res != WLAN_STATUS_SUCCESS)
return -1;
if (sae_process_commit(&wpa_s->sme.sae) < 0) {
@@ -831,12 +839,20 @@
#ifdef CONFIG_IEEE80211R
if (data->auth.auth_type == WLAN_AUTH_FT) {
- union wpa_event_data edata;
- os_memset(&edata, 0, sizeof(edata));
- edata.ft_ies.ies = data->auth.ies;
- edata.ft_ies.ies_len = data->auth.ies_len;
- os_memcpy(edata.ft_ies.target_ap, data->auth.peer, ETH_ALEN);
- wpa_supplicant_event(wpa_s, EVENT_FT_RESPONSE, &edata);
+ if (wpa_ft_process_response(wpa_s->wpa, data->auth.ies,
+ data->auth.ies_len, 0,
+ data->auth.peer, NULL, 0) < 0) {
+ wpa_dbg(wpa_s, MSG_DEBUG,
+ "SME: FT Authentication response processing failed");
+ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid="
+ MACSTR
+ " reason=%d locally_generated=1",
+ MAC2STR(wpa_s->pending_bssid),
+ WLAN_REASON_DEAUTH_LEAVING);
+ wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
+ wpa_supplicant_mark_disassoc(wpa_s);
+ return;
+ }
}
#endif /* CONFIG_IEEE80211R */
diff --git a/wpa_supplicant/wpa_gui-qt4/main.cpp b/wpa_supplicant/wpa_gui-qt4/main.cpp
index 39e01bf..bbd45c6 100644
--- a/wpa_supplicant/wpa_gui-qt4/main.cpp
+++ b/wpa_supplicant/wpa_gui-qt4/main.cpp
@@ -19,6 +19,7 @@
argc(argc),
argv(argv)
{
+ w = NULL;
}
#if !defined(QT_NO_SESSIONMANAGER) && QT_VERSION < 0x050000